What is claimed is: 

1 1 . A computer program product for providing end-to-end protection for datagrams in a 

2 computer networking environment, the computer program product embodied on one or more 

3 computer-readable media and comprising computer-readable program code means for 

4 independently securing each of a plurality of network segments that comprise a network path 

5 from a datagram originator to a datagram destination, while each of one or more gateways in the 

6 network path retains cleartext access to datagrams sent on the network path. 

j| 2. A computer program product for providing end-to-end protection for datagrams in a 

4| computer networking environment, the computer program product embodied on one or more 

: 1 computer-readable media and comprising: 

1 4 computer-readable program code means for protecting each of a plurality of network 

l«5 segments that comprise a network path from a datagram originator to a datagram destination, 

;Jj5 further comprising: 

^ 7 computer-readable program code means for establishing a first protected network 

8 segment from the datagram originator to a first gateway in the network path; 

9 computer-readable program code means for cascading zero or more protected 

10 gateway-to-gateway segments from the first gateway to each of zero or more successive gateways 

1 1 in the network path; and 

12 computer-readable program code means for cascading a last protected network 

13 segment from a final one of the gateways to the datagram destination, wherein the final gateway 
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1 4 may be identical to the first gateway if no gateway-to-gateway segments are required, 

1 5 wherein the first gateway and each of the zero or more successive gateways retains 

16 cleartext access to datagrams sent on the network path. 

1 3 . The computer program product according to Claim 2, wherein the computer-readable 

2 program code means for establishing and the computer-readable program code means for 

3 cascading further comprise computer-readable program code means for establishing security 

4 associations which use strong cryptographic techniques. 

41 4. The computer program product according to Claim 3, wherein the strong cryptographic 

% techniques used for the security associations are provided by protocols known as Internet Key 

J 3 Exchange and IP (Internet Protocol) Security Protocol. 

U h 5 . The computer program product according to Claim 2, wherein the computer-readable 

■^2 program code means for cascading further comprises computer-readable program code means for 

3 using identifying information from the first protected network segment as identifying information 

4 of the protected gateway-to-gateway segments and the protected final network segment. 

1 6. The computer program product according to Claim 5, wherein the identifying information 

2 further comprises addresses of the datagram originator and the datagram destination. 
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1 7. The computer program product according to Claim 6, wherein the identifying information 

2 further comprises a protocol identification and a port number used for the first protected network 

3 segment. 

1 8. The computer program product according to Claim 4, wherein the datagram originator 

2 and the gateways that perform the computer-readable program code means for cascading each act 

3 in an IKE initiator role. 

3 9. The computer program product according to Claim 2, wherein the datagram originator 

U 1 and the gateways that perform the computer-readable program code means for cascading each act 

41 as in an initiator role for a protocol known as Internet Key Exchange. 

Ql 10. The computer program product according to Claim 5 or Claim 6, wherein the identifying 

U2 information is copied from an inbound side of each gateway to an outbound side of that gateway. 

1 11. The computer program product according to Claim 2, wherein any of the gateways may 

2 perform services on the cleartext datagram. 

1 12. The computer program product according to Claim 2, wherein operation of the computer- 

2 readable program code means for cascading may be selectively enabled for any particular network 

3 path. 
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1 13. The computer program product according to Claim 12, wherein the selective enablement 

2 occurs by setting a cascading-enabled flag for the first protected network segment, and wherein 

3 datagrams sent on the network path are not protected using cascaded tunnels when the computer- 

4 readable program code means for cascading is disabled. 

1 14. The computer program product according to Claim 5, wherein the identifying information 

2 may be altered by zero or more of the gateways. 

U J 15. A system for providing end-to-end protection for datagrams in a computer networking 

% environment, the system comprising means for independently securing each of a plurality of 

J3 network segments that comprise a network path from a first computer to a second computer, 

f 4 wherein a datagram originator at the first computer sends at least one datagram to a datagram 

U)5 destination at the second computer, while each of one or more gateways in the network path 

i= "6 retains cleartext access to datagrams sent on the network path. 

1 16. A system for providing end-to-end protection for datagrams in a computer networking 

2 environment, comprising: 

3 means for protecting each of a plurality of network segments that comprise a network 

4 path from a datagram originator to a datagram destination, further comprising: 

5 means for establishing a first protected network segment from the datagram 
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originator to a first gateway in the network path; 

means for cascading zero or more protected gateway-to-gateway segments from 
the first gateway to each of zero or more successive gateways in the network path; and 

means for cascading a last protected network segment from a final one of the 
gateways to the datagram destination, wherein the final gateway may be identical to the first 
gateway if no gateway-to-gateway segments are required, 

wherein the first gateway and each of the zero or more successive gateways retains 
cleartext access to datagrams sent on the network path. 

17. The system according to Claim 16, wherein the means for establishing and the means for 
cascading further comprise means for establishing security associations which use strong 
cryptographic techniques. 

18. The system according to Claim 17, wherein the strong cryptographic techniques used for 
the security associations are provided by protocols known as Internet Key Exchange and IP 
(Internet Protocol) Security Protocol. 

19. The system according to Claim 16, wherein the means for cascading further comprises 
means for using identifying information from the first protected network segment as identifying 
information of the protected gateway-to-gateway segments and the protected final network 
segment. 
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20. The system according to Claim 19, wherein the identifying information further comprises 
addresses of the datagram originator and the datagram destination. 

21 . The system according to Claim 20, wherein the identifying information further comprises a 
protocol identification and a port number used for the first protected network segment, 

22. The system according to Claim 1 8, wherein the datagram originator and the gateways that 
perform the means for cascading each act in an IKE initiator role. 

23 . The system according to Claim 1 6, wherein the datagram originator and the gateways that 
perform the means for cascading each act as in an initiator role for a protocol known as Internet 
Key Exchange. 

24. The system according to Claim 19 or Claim 20, wherein the identifying information is 
copied from an inbound side of each gateway to an outbound side of that gateway. 

25. The system according to Claim 16, wherein any of the gateways may perform services on 
the cleartext datagram. 



26. The system according to Claim 16, wherein operation of the means for cascading may be 
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selectively enabled for any particular network path. 



1 27. The system according to Claim 26, wherein the selective enablement occurs by setting a 

2 cascading-enabled flag for the first protected network segment, and wherein datagrams sent on 

3 the network path are not protected using cascaded tunnels when the means for cascading is 

4 disabled. 

1 28. The system according to Claim 1 9, wherein the identifying information may be altered by 

; 1| zero or more of the gateways. 

% 29. A method of providing end-to-end protection for datagrams in a computer networking 

environment, by independently securing each of a plurality of network segments that comprise a 

Cs network path from a first computer to a second computer, wherein a datagram originator at the 

U H first computer sends at least one datagram to a datagram destination at the second computer, 

^5 while each of one or more gateways in the network path retains cleartext access to datagrams sent 

6 on the network path. 

1 30. A method of providing end-to-end protection for datagrams in a computer networking 

2 environment, comprising steps of: 

3 protecting each of a plurality of network segments that comprise a network path from a 

4 datagram originator to a datagram destination, further comprising steps of: 
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establishing a first protected network segment from the datagram originator to a 
first gateway in the network path; 

cascading zero or more protected gateway-to-gateway segments from the first 
gateway to each of zero or more successive gateways in the network path; and 

cascading a last protected network segment from a final one of the gateways to the 
datagram destination, wherein the final gateway may be identical to the first gateway if no 
gateway-to-gateway segments are required, 

wherein the first gateway and each of the zero or more successive gateways retains 
cleartext access to datagrams sent on the network path. 

31. The method according to Claim 30, wherein the establishing step and the cascading step 
further comprise the step of establishing security associations which use strong cryptographic 
techniques. 

32. The method according to Claim 3 1 , wherein the strong cryptographic techniques used for 
the security associations are provided by protocols known as Internet Key Exchange and IP 
(Internet Protocol) Security Protocol. 

33. The method according to Claim 30, wherein the cascading step further comprises the step 
of using identifying information from the first protected network segment as identifying 
information of the protected gateway-to-gateway segments and the protected final network 
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segment. 



1 34. The method according to Claim 33, wherein the identifying information further comprises 

2 addresses of the datagram originator and the datagram destination. 

1 35. The method according to Claim 34, wherein the identifying information further comprises 

2 a protocol identification and a port number used for the first protected network segment 

111 36. The method according to Claim 32, wherein the datagram originator and the gateways 

US that perform the cascading step each act in an IKE initiator role. 

^1 37. The method according to Claim 30, wherein the datagram originator and the gateways 

yk that perform the cascading step each act as in an initiator role for a protocol known as Internet 

U3 Key Exchange. 

1 38. The method according to Claim 33 or Claim 34, wherein the identifying information is 

2 copied from an inbound side of each gateway to an outbound side of that gateway. 

1 39. The method according to Claim 30, wherein any of the gateways may perform services on 

2 the cleartext datagram. 
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40. The method according to Claim 30, wherein operation of the cascading step may be 
selectively enabled for any particular network path. 

41 . The method according to Claim 40, wherein the selective enablement occurs by setting a 
cascading-enabled flag for the first protected network segment, and wherein datagrams sent on 
the network path are not protected using cascaded tunnels when the cascading step is disabled. 

42. The method according to Claim 33, wherein the identifying information may be altered by 
zero or more of the gateways. 
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